You can trivially DoS Puma 5 and 7-powered boxes, too

A Chipzilla spokesperson confirmed to The Register on Tuesday that a TCP/UDP latency issue that makes home and business gateways powered by Puma 6 processors trivial to knock offline is also present in the Puma 5 and Puma 7 lines. This means swapping a Puma 6-based box – such as a Virgin Media Super Hub 3 – for a Puma 5 or 7 device won't do you any good right now.

The problem stems from the way the Puma chips handle network packets, whether they are from the WAN or LAN side. The modems are unable to cope with even modest loads of traffic in certain conditions, resulting in degraded performance and latency spikes.

For example, a light sweep of a vulnerable gateway's IP ports exhausts an internal lookup table, wrecking the performance of the embedded processor in what is effectively a denial-of-service attack. In other cases, it appears from network throughput graphs that the chipset is running a routine task every couple of seconds that stalls packet processing, inserting bursts of lag into connections.

To unlucky users, latency sensitive connections – such as online gaming – start to lag, until in worst cases it appears the broadband connection has died.

The issue was thought to be present only in Puma 6 modems. That it also is present in Puma 7 means those who had wanted to escape the flaw by upgrading to a newer box will be stuck waiting for a firmware update from Intel either way to correct the issue (or give up and opt for a modem powered by a Broadcom processor.)

While not exactly a full-blown crisis, the latency problems with Puma modems have been a nagging issue – particularly for gamers and streaming-heavy users, who have found it to be a major drag on latency and throughput on what should otherwise be gigabit or near-gigabit internet connections.

In the UK, Virgin Media customers have been waiting since last year for a promised fix that has yet to come.

The issue has led to at least one manufacturer that uses the chipset in its gigabit modems, Arris, being hit with a class-action lawsuit in America from aggrieved customers. A list of gateways built by various manufacturers that are believed to be affected by the Puma bug is here.

A long-running message board thread devoted to the issue quotes an Intel rep as saying a firmware fix is in the works, but it could be some time before affected broadband subscribers actually see the software update.

"Intel must develop & test the new code and deliver the code to the OEM. Then the OEM has to integrate and test the code in their specific end product, and then deliver the code to the cable operator," the spokesperson explained.

"And then the cable operator tests it in their environment before sending it to the end user. It is a chain of events, and everyone has their role to play and wants to test to make sure the new code plays nicely with all the other components."

The Puma series is positioned as a crucial component in Intel's Connected Home dream, providing the hardware for connecting up people's personal devices, gadgets and computers to the internet.

Interestingly, the Puma 5 chipset was bought by Intel from Texas Instruments in 2010. It uses an ARM11 CPU in big endian mode at its heart whereas the Puma 6 and 7 families use x86 Atom cores. That the performance issues exist across the 5, 6 and 7 lines suggests the problem may lie within dedicated packet-handling electronics wrapped around the CPU cores, or firmware code shared across the platform. ®